Australians left to monitor their own NBN broadband speeds



File 20170726 23211 1v16yni
A simple broadband speed test from speedof.me.
Shutterstock/garagestock/Screenshot from http://speedof.me

Thas Ampalavanapillai Nirmalathas, University of Melbourne

The Australian Competition and Consumer Commission has pledged to get tough on any Internet Service Providers that mislead consumers about National Broadband Network speeds.

But how do you know if you’re getting a good deal when you connect to the NBN? How do you know if you’ll be getting the high-speed connection you were promised?

NBN Co is building the infrastructure, with 5.7 million premises now able to connect to the network via fibre, hybrid cable, wireless or satellite. To make that connection though, you have to deal with one of almost 150 listed ISPs.

Customers are ‘confused’

The ACCC’s chairman Rod Sims says we should expect a healthy and competitive sector. But he also says many consumers are “confused about broadband speed advertising” and the industry has been “inconsistent in making clear, accurate information available”.

So it is crucial for the ACCC to ensure that companies do not mislead consumers about the speeds offered by their ISP.

The Australian market is different to that in the United Kingdom, where the regulator Ofcom actively provides accurate information to consumers to enable a comparison of services.

Australia takes a different approach, relying on protections available via consumer law, and encouraging industry self-regulation to provide the right information to the consumer.

The experience you get really depends on a range of factors relating to transmission quality, reflected as speed of connectivity and latency (delays) in exchanging information across the internet. Key factors include:

  • how you connect to the internet router in your house (such as by Wi-Fi or ethernet)
  • the transmission quality from home to the Point of Interconnect (where the ISP’s network connects to the NBN)
  • transmission quality within the ISP network
  • transmission quality of the content delivery network.

Measuring the speed of your internet connection

A basic speed test of any internet connection is a measure of the time it takes to transfer a fixed file from a server. The result is usually given in Mbps (Megabits per second).

Many ISPs, such as Telstra, Optus and iiNet, currently provide internet speed tests for their customers.

But speeds measured this way tend to reflect the connectivity from the ISP to the consumer. The speeds you experience in general use can be significantly lower than the “peak” speed advertised by the service provider.

To get a better idea of the real speed of your internet connection you should use another speed testing service, in addition to the one recommended by your ISP.

You should also repeat this measurement at various times of the day and keep detailed notes of any results. Some typical speed tests are:

Speeds can change over time for even the fastest NBN connection.

Currently most ISPs offer a higher speed for downloading and lower speed for uploading. As many users often download the same content, the network can be optimised to take advantage of this and offer higher speeds.

But users also upload unique content, such as photos to social media accounts or files to cloud storage. This does not have the advantage of scale and thus speed of access could be lower.

As cloud-based storage and content-delivery networks – such as Netflix, Foxtel and others – become more highly trafficked, our requirements are changing. Many users now prioritise more symmetrical internet connectivity, with similar download and upload speeds.

How fast should the internet be in Australia?

In Australia, premises with fibre connections to the NBN can theoretically get a peak rate of 100Mbps. In fact, in Australia there are 5 tiers of NBN connections, varying between Tier 1 (12Mbps download/1Mbps upload) to Tier 5 (100Mbps download/40Mbps upload).

But the measured speeds can often be slower than promised by your provider.

There are various reasons for this. It could be that there is a problem between the premises and the NBN network, or there could be delays or oversubscription within the ISP network.

There can be congestion and delays in national and international networks due to inadequate investment by various stakeholders to keep the capacity of the network in scale with the increasing number of customers.

Your experience can also vary across the day and from one service to another. As the number of users varies quite markedly over 24 hours, the state of the network (NBN, ISP network, Content Delivery Network) can change with various levels of congestion.

This leads to different speeds of connectivity at different times when accessing different types of services. For example, web access might be slower given the location of a server, compared with an internet video streaming service that might be optimised to deliver the most popular content within the region.

While many internet service providers advertise a typical speed, in Australia there is no expectation that they should indicate the variability (the range of minimum and maximum speeds).

When so slow is too slow

If you think your NBN connection is too slow and not what you were promised, you should raise the problem with your ISP. If they fail to resolve the issue you should report it to the ACCC.

To improve information about broadband speeds, the ACCC is currently running a A$7 million trial of NBN speed monitoring and it wants consumers to be part of it.

Australia could have anticipated these speed issues and established a broadband performance reporting framework as part of access to the NBN infrastructure by providers.

The Australian Communications Consumers Action Network (ACCAN) has been crying out for a scheme to monitor the performance of ISPs.

The ConversationBut this hasn’t happened yet. So for now it’s left to you as a consumer to monitor your NBN connection speeds, and report any ongoing problems to the ACCC which hopes to start publishing speed and performance data later this year.

Thas Ampalavanapillai Nirmalathas, Director – Melbourne Networked Society Institute, Professor of Electrical and Electronic Engineering, Co-Founder/Academic Director – Melbourne Accelerator Program, University of Melbourne

This article was originally published on The Conversation. Read the original article.

Advertisements

The ACCC threatens to take Telstra and other ISPs to court over misleading NBN speeds



File 20170720 23983 2a90me
Not up-to-speed.
NBN Co

David Glance, University of Western Australia

Rod Sims, chairman of the Australian Competition and Consumers Commission (ACCC), has signalled that the regulator is going to take a tougher stance against internet service providers like Telstra, Optus and Vocus about misleading consumers about NBN broadband speeds.

In particular, Sims has said that Telstra’s continued use of terms like “Very Fast” and “Super Fast” to describe theoretical, but often unobtainable, broadband speeds needs to stop.

The ACCC has indicated that it is likely to bring court cases before the end of the year if these practices don’t end.

In a speech at the Unwired Revolution Conference, the ACCC talked of the findings of a Australian communications sector review.

In particular, Sims drew attention to the fact that the Australian public were opting for slower speeds on the NBN mainly because ISPs were unwilling to sell faster speeds due to the high costs of the connections (CVC) provided by NBN Co.

The pricing of wholesale connections provided by NBN Co are set in order for them to recoup money that has been invested, in large part by the Australian federal government, and so unless NBN Co is directed to do this differently by the government, the situation is unlikely to change.

Part of the problem is the lack of transparency. Many properties that are being supplied with a Fibre to the Node (FTTN) connection may never be able to get the fastest connection plan of 100 Mbps because they are too far from the node. As the chart below shows, speeds of 100 Mbps can only be achieved if the house is within 500 meters of the node.

FTTN speed slows with distance from the node.
NBN MTM

A map of properties in Australia highlights that two houses on opposite sides of a road can have very different maximum speeds because of the nodes they are connected to. Telstra has previously admitted that some customers were sold plans for speeds they would never be able to attain at their premises.

NBN street map showing distance from node and calculated speed.
NBN MTM

In addition to this, there are the number of connections to that node and in particular, the capacity of the ISP to handle peak demand by having spare CVC capacity. There are also other factors that would affect a property’s connection, including the state of the copper wiring between the node and the house.

What the ACCC wants ISPs to do is to tell customers not only what the theoretical maximum speed may be for their property using a given technology, but also what the speeds may drop to during peak demand.

NBN Co has this data and could make it public, but it won’t because it claims that it is the responsibility of the ISPs to tell their own customers. Shadow communications minister Michelle Rowland has filed a freedom of information request for the NBN data of theoretical speeds for each property.

The ACCC is recruiting volunteers to install special hardware and software to monitor speeds and the quality of internet connections in their homes.

The results of a pilot trial reported in 2015 showed that the problems with peak demand and variability of internet speeds existed on pre-NBN internet services like Telstra’s HFC cable service. As the figure below highlights, even fibre to the premises (FTTP) connections from one provider varied dramatically, dropping significantly every evening.

Average download speed of FTTP connections.
ACCC

While the data that the ACCC is collecting will be useful and will ultimately assist in highlighting ISPs that are not providing promised services, it would be far better if NBN Co provided this data publicly in the first place.

If the politics and economics of the NBN mean that consumers are going to mostly stick to slower speed plans, many of the proposed economic and social outcomes that were originally envisioned will not be realised.

The ConversationWhile it may represent a slightly better situation for some people who currently have a poor connection via ADSL, it is hard to justify the AUD$20.3 billion that has been invested by the Australian government in the network so far.

David Glance, Director of UWA Centre for Software Practice, University of Western Australia

This article was originally published on The Conversation. Read the original article.

Explainer: how internet routers work and why you should keep them secure



File 20170619 5793 2hvvqf
Think of your router as the post office for the internet.
www.shutterstock.com

Nicholas Patterson, Deakin University

Most of us would be bereft without Wi-Fi but give a little thought to the technology that beams us the internet.

The device we pay so little attention to is called a router. Its main role is to connect networks and send and receive data from an internet provider.

But many routers aren’t particularly secure.

The importance of understanding how routers work and how to protect them from malicious attacks was highlighted by WikiLeaks’s recent revelations about the existence of an alleged CIA hacking tool, code named “CherryBlossom”. This tool can apparently hack routers, allowing the perpetrator to monitor traffic and perform software exploits on victims.

The average person is unlikely to be targeted by this level of attack. But if you’re going to have a router at home, it’s important to understand exactly how it works.

How does a router work?

A router is like a post office for the internet: it acts as a dispatcher, choosing the fastest and most effective delivery paths.

Let’s assume you have a smartphone at home that’s connected to your router and through that, the internet. You’re keen to find a song to listen to. Here’s how it works:

  1. Your smartphone takes your song request, and converts it into a radio signal using the specification (it’s called a 802.11 Protocol) that controls how your Wi-Fi works
  2. This information is sent to the router, including your smartphone’s Internet Protocol address (essentially, its internet street address) and the track you requested
  3. This is where the Domain Name Server (DNS) comes into play. The main purpose of this platform is to take a text based address (let’s say, http://www.spotify.com) and convert it into a numeric Internet Protocol address
  4. The router will then send off the request information to your internet provider, through their proxy and then on to Spotify.com
  5. Along this journey from your home to your internet provider to Spotify.com, your request information will “hop” along different routers. Each router will look at where the the requested information has to reach and determine the fastest pathway
  6. After going through a range of routers, an agreed connection between your home internet, your iPhone and Spotify will be established. As you can see in the image below, I have used a trace route service from Australian-based company Telstra to Spotify showing 16 routers along the journey
  7. Then data will begin to travel between the two devices and you’ll hear the requested song playing through your smartphone.
Trace route from Telstra.net to Spotify.com.
Telstra Internet Direct, Author provided

Explaining the back of your router

Even if you now understand how your router works, the machine itself is covered in mysterious ports and jargon. Here are some to look out for:

Ethernet ports: these exist to enable hard wired networking to the router itself in cases where a Wi-Fi connection is not possible.

SSID: this refers to “Service Set Identifier”, and is an alphanumeric set of characters that act as your Wi-Fi network’s identifier.

Telephone/internet port: this port allows your router to gain a hard wired (RJ-45) connection to the internet, usually through telephone lines.

Routers handle interconnectivity and delivery.
Wikimedia Commons

WPS: this stands for “Wi-Fi Protected Setup”. It allows users faster and easier access to Wi-Fi, because they will not have to enter in the passkey once pushed.

LAN: a “Local Area Network” refers to a grouping of computers and devices being networked together, typically with cables and routers in a singular space – often a university, small company or even just at home.

WAN: when we take a series of geographically distributed LANs and connect them together with routers, this is what we call a “Wide Area Network”. This is useful for larger companies that want to connect all their office locations together.

WLAN: closely related to a LAN, “Wireless Local Area Networks” are LANs whereby users who are on mobile devices can connect through a Wi-Fi connection, allowing complete mobility and thus reducing the need for any cables.

The back of a router.
Timo Schmitt/Flickr, CC BY-NC

Cyber safety with routers

It’s important to protect your router and Wi-Fi network from being compromised.

You should:

  • Change your router’s administrator password and make it strong
  • change the identifying SSID name so it doesn’t give away any details about the model of your router or who owns it
  • ensure encryption is turned on in the router settings: this will ensure the traffic travelling over your network is unreadable
  • change the passkey you enter in when connecting to Wi-Fi
  • ensure your router’s firmware – the software that’s hard coded into your router – is up to date.

The ConversationRouters ensure your home and internet service provider can stay connected. Look after your router, and it will (hopefully) look after you.

Nicholas Patterson, Teaching Scholar, Deakin University

This article was originally published on The Conversation. Read the original article.

Apologies: Your Best Guide on the Internet



File 20170617 11462 7tj75b
The Reconciliation of Paris and Helen after his Defeat by Menelaus Richard Westall.

Russell Blackford, University of Newcastle

Self-help book and works of popular psychology often instruct us in the art of apologising. Their advice is reflected, in turn, in much online discussion.

Most commonly, we’re advised to give elaborate, self-abasing apologies: apologies that go well beyond acknowledging misjudgement or admitting to wrongdoing. With variations, we are told to elaborate in detail just what we did wrong, describe why it was unacceptable, offer nothing in the way of justification or excuse (though sometimes we’re told we can give an explanation without justifying ourselves), and provide explicit assurances that we will never repeat the behaviour. In summary, we’re told to condemn, criticise and abase ourselves, and to ask humbly for forgiveness.

This might be needed for some betrayals of love or friendship. But for most situations it is very bad advice.

Serious wrongdoing

In its most serious mode, the social practice of apologising relates to actions that are later regretted, leading to deep feelings of guilt or shame. With the passage of time, or when we’re brought to focus on what we’ve said or done, we sometimes feel terrible about our own conduct.

To save space, I’ll set aside serious failures resulting from, for example, incompetence (much as these might be interesting in their own right). Let’s consider cases of serious wrongdoing. Here, one person has deliberately harmed or deceived another (or others) in a significant way. In the worst cases, the victim might be someone who legitimately expected the wrongdoer’s goodwill, special concern or even love.

In a situation like this, the victim has every reason to feel profoundly betrayed. Since the wrongdoing was deliberate and significant, it revealed something important and unsavoury about the wrongdoer’s character – what she was psychologically capable of – and especially about her attitude to her victim. In acting as she did, she showed an attitude of disrespect or even malice.

If she aims at reconciliation and seeks forgiveness, the wrongdoer will need to demonstrate that she has undergone something of a psychological transformation. She will need to express heartfelt remorse, show a clear understanding of how she betrayed the victim, and offer especially strong and convincing assurances. She will enter the territory of condemning her own moral character – as it was expressed in the past – and claiming to have changed.

Even the most complete and self-abasing apology might not be enough to regain the victim’s trust and good opinion. The wrongdoer has, after all, revealed by her actions that she was psychologically capable of acting with disrespect or worse. Furthermore, claims to have transformed in moral character are inherently difficult to believe. The victim might understandably be unwilling to restore the relationship to anything like what it previously was.

But most cases are nothing like this. Worthwhile thoughts about apologising in cases of serious wrongdoing can be very bad advice for the range of milder situations that we encounter almost every day.

Everyday cases

In most situations, any sense of guilt or shame is greatly attenuated, even to the point where it might – quite properly – not be felt at all. Thus, words like “sorry” are uttered more as matter of politeness and social convention than to express heartfelt remorse.

Think of the following sequence of events (which happened to me a few days ago). I’d alighted from an intercity train, late at night, and was walking along a moderately crowded platform when I stopped – fairly suddenly, no doubt – to check out a vending machine. The middle-aged man walking immediately behind brushed my arm as he stepped past, and we automatically turned to each other to say, “Sorry!” We spontaneously nodded and smiled at each other, raising our hands, palms outward, as if to indicate peaceful intent and absence of weapons … and he then walked on while I concluded that I didn’t really want the junk food on offer in the machine. And that was all.

The entire exchange took only a few seconds, and neither of us had to go through any process of abasement or self-criticism. How, exactly, is this different from cases that seem far more serious?

It is different along many dimensions, and what follows is not intended to be complete. First, no one was hurt (even psychologically). At most, both of us were momentarily startled.

Second, it would be beside the point to castigate either of us in any serious way. Perhaps we could both have been a bit more conscious of what was going on around us, but at most we showed the sort of lapse in attention and concentration that happens to human beings all the time. I had not been aware of his presence behind me; he did not expect me to stop. But people frequently bump into each other in crowds, and no one is seriously blamed: it’s a normal part of life. It would, of course, be quite different if somebody recklessly sprinted through a crowd, shoving aside people who were in his way.

Third, the two people concerned had no previous relationship except, I suppose, as fellow citizens and fellow human beings. There was no relationship of special regard and trust to try to restore. In that sense, we were not exactly seeking reconciliation, although a certain smoothing of the situation was called for. I doubt, however, that this point makes much difference. Even if the man who brushed past me had turned out to be an old friend, no elaborate apology would have been needed.

Small everyday incidents such as this can be surprisingly pleasant encounters. As long as both people act in the expected way – immediately signalling goodwill and peaceful intent – these incidents make us feel better about ourselves and tend to strengthen societal bonds. For a brief moment, each person provides the other with reassurance that whatever happened was not a prelude to any malicious or violent – or otherwise unfriendly or anti-social – course of action. Importantly, each conveys that the other deserves consideration and respect.

Notice how, during these quick exchanges, we often smile or laugh; we express some mutual amusement at the little tangles of social life. In part, we laugh at our own fallibility, and we forgive ourselves and each other for it. We acknowledge that our fallibility is part of being human, and that it does not, in itself, merit condemnation.

And yet, we do say “Oh, sorry!” or use similar words. In context, this is not an admission of serious wrongdoing or guilty thoughts. We are not seeking anything as grand as forgiveness. By using such words, however, we offer clarity and reassurance. We express something like the following: “I made a miscalculation (or had a lapse in concentration, or whatever might be the case); please understand that I bear you no ill will or disrespect; you have nothing to fear from me.”

Often, this is what we really want to know from each other, and this message also has the advantage that it is usually a believable one. By contrast, an assurance by a serious wrongdoer that she will never do such a thing again might strain credulity.

Words of apology are, then, often given without accepting any blameworthiness. Since we are human – not infallible or omniscient beings – we make mistakes, get distracted, have lapses in concentration, and so on. Sometimes, indeed, we take actions that prove not to be optimal, even though they were not contraindicated on the information available to us at the time.

If you’re at all like me, you might very often find yourself apologising for things that you don’t feel especially ashamed of or guilty about. You might also receive such apologies from others.

For example, a salesperson might apologise to you if you have to wait for an unusually long time to be served, even if the delay was caused by something obviously beyond her control. The apology does not indicate an admission of wrongdoing, and it is certainly not an assurance that nothing like this will happen again (it might well!). But it offers respect and reassurance to someone who has been inconvenienced, even unavoidably.

Miscommunications

I frequently find myself apologising to someone I’m talking to if I’ve miscommunicated what I was trying to say and thus caused confusion (or perhaps even hurt feelings). Alternatively, I might apologise if I realise that I’ve been interpreting my interlocutor wrongly: I’ve grabbed the wrong end of the verbal pineapple and thereby caused confusion. In either case, however, the miscommunication is not a reason to feel any serious guilt or shame.

For example, if I misinterpret somebody’s words the reason might be genuine ambiguity in what he said. Conversely, if someone misunderstands my words, perhaps he was being uncharitable. Alternatively, it might have been genuinely difficult to formulate the idea I was trying to get across – and in the circumstances perhaps I couldn’t have been expected to do any better.

It might nonetheless be reasonable – and it is somewhat conventional – to waive our possible defences once we realise that we’re at cross purposes in a conversation. It isn’t difficult, and it can become almost instinctive, to say things like “Sorry – I’ll rephrase that” or “Oops, sorry – I see what you mean now.”

The truth of it is, we can almost always express ourselves a bit more clearly and listen a bit more astutely. In acknowledging this on any particular occasion, we are not admitting to serious wrongdoing or a nasty attitude. Our mild words of apology can and should reflect this.

Through minor apologies, we reassure the people we’re dealing with that we view them as worthy of respect. We signal that we don’t hold grudges or assign blame over small things that have gone wrong, and that the people we encounter don’t need to worry about how we regard them or what we might do next. All this helps us get along socially, as human beings must.

A flexible practice

The more we think about the practice of apologising, the more we become aware of how varied, complex and flexible it is.

On some occasions, perhaps you should have taken more care, yet you were not outright malicious or even reckless. Perhaps you were tired or stressed or poorly prepared for a task. In these cases, something more than a brief conventional apology might be in order. All the same, mere failure to take adequate care does not indicate anything especially unsavoury about your moral character. It happens from time to time to almost anyone.

If your carelessness has caused significant harm, you might feel urgent concern for those affected and you might owe them some kind of redress. But depending on the circumstances, it might be overkill if an officious interloper demanded that you humble and condemn yourself. If you did any such thing, it would feel and appear insincere.

Irrespective of any advice from pop psychologists, it often makes sense to accompany an apology with an explanation or excuse. Indeed, explanations or excuses can be better than apologies. Allow me to elaborate.

It is often said that “intent is not magic”, and that phrase does have some point when clear-cut harm has been inflicted on somebody identifiable. In more cases than not, however, it is precisely the wrong way to think about human interaction. Often, what hurts us most about someone else’s conduct is the attitude that it seems to reveal. It might seem to show that the person views us with malice or disrespect. If she is someone we care for, that can be emotionally devastating. We might wonder whether our relationship with her was based all along on an illusion.

But much of the sting is removed if she gives an explanation or excuse that shows she does not, after all, harbour malice or disrespect. She might, in fact, utter conventional words of apology, but the important thing is that she reassure us in some convincing way about how she feels. The point of good explanations is that they really do explain; the point of good excuses is that they really do excuse.

In some cases, we can even apologise for actions that were not our own. For example, you might apologise (as you try to shuffle him out of a party) for the boorish and embarrassing conduct of a friend who has had too much to drink. Similarly, a media organisation might apologise for a defamatory or outrageous remark made by a guest.

Likewise, the leader of a country might apologise formally for something done by her country, even if it happened a long time ago before she was born. This is a fairly well understood public act with a potential to reconcile and heal. It makes intuitive sense because it relies on the idea that political entities have an ongoing existence beyond the lifetimes and participation of their individual citizens.

However, not just any relationship can make an apology coherent. There has to be the right sort of connection between the person giving the apology and somebody else’s behaviour. For example, you can’t sensibly apologise for your friend’s boorish actions on some past occasion when you were not even present.

In some situations, we don’t have a clear idea who may have been inconvenienced or offended by our conduct. Contrary to much advice on the Internet, it makes perfectly good sense in these circumstances to offer contingent apologies such as “We apologise for any inconvenience” or “I am sorry if I upset anyone.”

On some particular occasion, you might think that any upset from your conduct was not reasonable. You might even doubt whether anyone was genuinely upset, as opposed to grandstanding to make a point. Nonetheless, you might also feel concern about any upset that actually was experienced, even unreasonably. If so, a mild and contingent apology might be perfectly in order. It is a socially intuitive way to convey that you are not motivated by malice or disrespect. And again, it signals that whatever you did or said was not the precursor to a more troubling course of conduct.

This leads me to the sensitive topic of weaponised demands for apologies, often followed by equally weaponised complaints about “notpologies”.

Weaponised demands and complaints

As we’ve seen, it’s coherent to apologise even when you are guilty of nothing more than ordinary human fallibility – or sometimes even when your conduct was justifiable. An example of the latter is when you have inconvenienced somebody in order to deal with a crisis.

In other cases, you – or I – might be guilty of something more than ever-present human fallibility. Even then, we might have shown no more than a low degree of negligence that is easily excused. In these cases, we might feel concern if we’ve caused anyone serious harm. Usually, however, feelings of deep guilt or shame will not be fitting. (Very often, in fact, it’s debatable whether we really were careless or merely unlucky: the line can be very blurred, and reasonable people can reach different conclusions.)

In all, the practice of apologising is subtle and complex, and we should enjoy a considerable range of discretion in when and how far we engage in it.

When others demand that we apologise against our own initial judgement, it can be a form of abuse or a political weapon. At the level of personal relationships, demands for apologies can be abusive: a method of punishment and control. At the level of political, social, and cultural debate, the purpose is to humiliate and discredit somebody who is viewed as an opponent or a wrongdoer.

If we force a public apology from someone we cast as a villain, we gain a victory over them and we warn others not to behave similarly. This might have some social value if restricted to people who’ve engaged in genuinely outrageous conduct. However, through public shaming and threats to careers, humiliating apologies can be forced from people who have done little – or arguably nothing – wrong.

As we’ve seen, elaborate self-criticism and self-abasement might be appropriate sometimes. They might be called for when apologising in private to a loved one who has been betrayed in some way. But when somebody is forced through this process in public – perhaps because of her honestly stated opinion on a matter of legitimate controversy, or perhaps for the phrasing of an unrehearsed remark – it is a cruel, unnecessary, indecent spectacle.

To be clear, somebody who is pressured to apologise might, indeed, feel concern at having offended others. She might willingly offer some clarification and some mild words of apology. The latter might, for example, be along the lines of, “I’m sorry if anyone was offended.” In the circumstances, this response provides clarification of intent, reassurance, and an expression of goodwill. Once a shaming campaign begins, however, it won’t get anyone off the public relations hook.

Whatever mob is pressuring and shaming her will inevitably condemn her (quite reasonable) response as a mere “notpology” and apply further pressure. In this parlance, appropriately limited and contingent apologies are referred to as “notpologies” by zealots who hope to humiliate and discredit their real or imagined enemies.

When demands and complaints are made in this weaponised manner, we have a powerful reason to resist them. Each time someone gives in to a mob of zealots, and offers public self-criticism and a humiliating public apology, it encourages the mob to find new victims. Don’t give such mobs positive feedback.

Your best guide?

My subheading to this article, “Your Best Guide on the Internet”, is lighthearted but on point. As I’ve emphasised, the practice of apologising is complex. We often have to make subtle, discriminating decisions about when and how to engage in it. By contrast, most advice on the Internet is misleading in suggesting that there is a single formula that we need to learn.

Fortunately, our intuitions are usually well honed by experience during our formative years, and most of us make reasonable judgements more often than not, even on the spur of the moment. We might not always be aware of it consciously, but we sense in our everyday practices that apologies can take many forms to suit a myriad of circumstances.

None of this is intended to suggest that I always get it right in my own life! Perhaps no one does; in any event, I am not holding myself out as a role model. I have sometimes made mistakes in this area, even quite serious ones, usually out of anger or pride or self-righteousness. If I have any advice to give beyond the most obvious, it’s to try to avoid those feelings – especially in combination. It’s wise to put them aside, if we can, and in cases of doubt it’s often best to give some sort of apology even if it goes against our grain.

The ability to apologise freely, without embarrassment, should be easier if we recognise how often our mistakes come from ordinary human limitations for which we should feel no particular guilt or shame. Combined with this, most apologies do not relate to serious wrongdoing, disrespectful attitudes to others, or defects of character.

Everyday apologies usually have rather conventional and pragmatic functions: to express regret (but not necessarily culpability) for inconvenience, confusion or hurt; to assure others that we respect them and recognise their interests, and that our intentions are not hostile; and to indicate that others have nothing to fear from us going forward.

In a sense, none of this is new. I’m telling readers what they already know, but the opposite of what they are too often told. I’ve set out in an explicit way some of the complexity that we are all aware of if we’re not confused by pop psychology or a dubious ideology.

Once again: it is often worth apologising (albeit mildly) even when we’ve done nothing wrong; apologies are often quite legitimately accompanied by explanations or excuses; most apologies do not have to be lengthy or especially self-critical or self-abasing. In some situations, much-maligned “notpologies” might be all that is needed.

This complexity should be familiar, once we think about it clearly and for ourselves.

The ConversationFor each of us, as individuals, the social practice of apologising gives many options to match with the ever-changing situations we encounter in our lives. We can think of them as tools in our social kit. Exactly how we use them is up to us.

Russell Blackford, Conjoint Lecturer in Philosophy, University of Newcastle

This article was originally published on The Conversation. Read the original article.

Three charts on: the NBN and Australia’s digital divide


Ashley Schram, Australian National University; Fran Baum, Flinders University; Matt Fisher, Flinders University; Patrick Harris, University of Sydney; Sharon Friel, Australian National University, and Toby Freeman, Flinders University

The National Broadband Network (NBN) is widely considered to be failing Australians, but it isn’t failing them equally.

Our research, undertaken at the Centre for Research Excellence in the Social Determinants of Health Equity, seeks to address health inequities by looking at the geographical distribution of infrastructure, including digital technology.

Examining the rollout of NBN technologies as of December 2016, our preliminary analyses suggest areas of greatest socio-economic disadvantage overlap with regions typically receiving NBN infrastructure of poorer quality.

Comparing NBN technology with inequality

To determine socio-economic disadvantage, we used the Australian Bureau of Statistics’s (ABS) socio-economic indexes for area (SEIFA) and its index of relative socio-economic advantage and disadvantage (IRSD) from 2011.

Across Australia, we found only 29% of areas with a SEIFA decile of one (the lowest-scoring 10% of areas) had fibre-to-the-premise (FTTP) – considered the best broadband technology solution available – or fibre-to-the-node (FTTN) connections. So far, around 71% of the NBN technology available in these areas involves inferior options, including hybrid fibre-coaxial (HFC), fixed wireless or satellite technologies.

On the other hand, 93% of areas with a SEIFA decile of 10 (the highest-scoring 10% of areas) had FTTP or FTTN.

https://datawrapper.dwcdn.net/OwWJf/4/

This result tells a similar story to an early analysis by Sydney University’s Tooran Alizadeh of 60 NBN release sites that were announced in 2011. She found some of the most disadvantaged areas of Australia were not gaining equal access to the new infrastructure.

If we look only at major cities in Australia – where the level of fibre technology is higher overall – areas with the greatest disadvantage, while exceeding similarly disadvantaged areas nationally, still received significantly less FTTP and FTTN: 65% of areas with a SEIFA decile of one had FTTP and FTTN, compared with 94% of areas with a SEIFA decile of 10.

https://datawrapper.dwcdn.net/qHHxv/3/

Of course Australia is a large, sparsely populated country, which makes the business case for rolling out fibre difficult in some regions. Nevertheless, inequitable access to NBN technology appears even when controlling for the remoteness of the location.

If we look at outer regional Australia where fibre is less prevalent, the pattern looks worse. Only 12% of the most disadvantaged areas with a SEIFA decile of one received FTTP and FTTN, compared with 88% of the most advantaged outer regional areas with a SEIFA decile of nine.

https://datawrapper.dwcdn.net/zc1NF/4/

Receiving FTTP or even FTTN may still be better than receiving HFC, fixed wireless or satellite technologies. While HFC may be able to match maximum speeds of FTTN, this is unlikely to happen during peak times when the increased number of users sharing the same data capacity will slow service considerably. And, similar to FTTN, these technologies provide fewer opportunities to upgrade capacity to meet future demand.

However, given only a limited data set was made publicly available in December 2016 by the NBN company, it is difficult to determine exactly which services are currently installed where. For example, the data set we used does not differentiate between FTTP and the lesser FTTN connection.

It also aggregates some NBN technology into an “other” category, making it impossible to distinguish between HFC and satellite service.



Various/The Conversation, CC BY-ND

The NBN company offers a “check your address” search for its most up-to-date rollout information including technology type, but was unable to share this information with us in a single, usable data set.

A NBN spokesperson said the network was being rolled out across Australia regardless of any socio-economic mapping.

“Determining the sequence is a complex process of weighing up factors including the location of construction resources, current service levels, existing broadband infrastructure, growth forecasts and proximity to nbn infrastructure such as the transit network,” she said in an email. “Only 8 per cent of premises in Australia are not in the fixed-line footprint.”

Internet access and social inequity

A faster internet connection is increasingly central to people’s social connections, education opportunities, employment prospects and ability to access services.

This was raised in a 2011 report by the parliamentary Standing Committee on Infrastructure and Communications. It emphasised the potential role of the NBN in enhancing greater equity in digital access to services in regional and rural areas.

The Committee heard that, due to the ‘digital divide’, many of the Australians who could benefit the most from broadband currently have the lowest levels of online participation … The extent of accompanying measures implemented by governments will determine whether the NBN narrows or widens this digital divide.

Previous research has also found that people from lower socioeconomic groups are already restricted in their use of digital information and communication technologies. This can limit their access to a range of social determinants of health.

When populations already facing disadvantage receive poorer quality digital infrastructure, those with the greatest need will continue to slip farther behind.

Equity must be at the forefront of the NBN company’s considerations as it continues to roll out across Australia. Further entrenching social inequities through digital infrastructure is not the NBN anyone dreamed of.


The ConversationNote: The “contention rate” section of the NBN technology infographic on this story has been updated to improve clarity.

Ashley Schram, Research Fellow, School of Regulation and Global Governance, Australian National University; Fran Baum, Matthew Flinders Distinguished Professor, Foundation Director, Southgate Institute for Health, Society & Equity, Flinders University; Matt Fisher, Research Fellow in social determinants of health, Flinders University; Patrick Harris, Senior Research Fellow, University of Sydney; Sharon Friel, Director, School of Regulation and Global Governance (RegNet) and Professor of Health Equity, ANU, Australian National University, and Toby Freeman, Senior Research Fellow in Health Equity, Flinders University

This article was originally published on The Conversation. Read the original article.

Act now to protect your digital rights, Big Brother and his Little Sisters may be watching



File 20170602 25658 xifht4
Do you know who has the rights to access your digital data? And who might be interested in acquiring that information?
West Point-US Military Academy/Flickr , CC BY-NC-ND

Jack Linchuan Qiu, Chinese University of Hong Kong

This article is part of the Democracy Futures series, a joint global initiative between The Conversation and the Sydney Democracy Network. The project aims to stimulate fresh thinking about the many challenges facing democracies in the 21st century.


Imagine China takes down its national internet blocking system – aka the Great Firewall – tomorrow. Will this affect how you use the internet?

Without the Great Firewall, Facebook and Google will grow exponentially in China. Before long, the tech giants own a sizeable share of the Chinese market and have become good buddies with Beijing.

This scenario unfolds at a time when Donald Trump’s inward-looking policy upsets Silicon Valley’s efforts to expand its global empire, and when the US Congress further deregulates the internet industry, allowing internet service providers (ISPs), for example, to collect and trade user’s private data. So the tech giants decide to go to bed with China.

What does this have to do with you using your smartphone in, say, Sydney?

Well, if you have a Facebook presence, it means your social network information may now be used in a few additional ways, without your knowledge. Perhaps a few China-bashing news items, shared by your friends, will disappear from your news feed. And if you rely on Google, YouTube, Amazon or Uber, the data you accumulate during your daily routines may now empower not just the Little Sisters (that is, advertising companies), but also Big Brother himself.

“We want to help the rest of the world connect with China.”

According to urban geographer and unionist Kurt Iveson, surveillance cameras at the University of Sydney generate half of the internet traffic on campus. All the research, the paperwork, the social media back-and-forth, the videos people watch and the online games and music they play, all this online traffic, when added together, barely matches the terabytes of information generated by the surveillance feed.

That’s a pretty big achievement for those tiny cameras looking down at you in the corridors and from the street lamps.

The ‘big’ in Big Brother and Big Data

China has big ambitions. Its interests and investments in infrastructure on a global scale are well known. It will only be a matter of time before Beijing realises that digital assets are as vital, perhaps even more valuable, than highways and airports.

The Chinese Communist Party already has a good record of endorsing corporate platforms in the New Economy. Last November, China embraced the “disruptive” innovation of Uber and similar services. It became the first country to legalise the smartphone ride-hailing business on a national scale.

In contrast, Japanese and European cities have long banned Uber from their streets. Australians and Americans continue to debate the ethics and legalities of the start-up service.

In response to the warm embrace, Uber praised China as:

… a country that has consistently shown itself to be forward-thinking when it comes to business innovation.

Now you probably see why Silicon Valley might want to divorce Trump and have an affair behind Tiananmen.

Your digital rights

Maybe it’s not such a good idea, after all, to hastily agree to whatever terms and conditions tech companies hand down to you in tedious fine print. You don’t know your rights. You don’t know who has your data. But do you care?

As an individual, your power is limited. Using a virtual private network (VPN) can be a good start, but which VPN service can you really trust? This is a pertinent question because what if the VPN you use turns out to be a honeypot collecting data about you?

Your best shot, then, is to join a movement – such as a citizen group – to raise awareness or a watchdog organisation that guards against the mishandling of private data by telecommunication companies.

Other good places to seek refuge and spread the good word include non-government organisations that promote solidarity with IT-sector workers and hacker groups who develop new crypto technology. You don’t have to know programming or coding to join them, as even the best hackers will need other kinds of help.

Cities like Sydney have many such organisations. Plenty of folks are working on digital rights issues. Join them to protect your data from being infringed by Big Brother, his Little Sisters, and even telcos and ISPs.

Even if China doesn’t plan to take down its Great Firewall any time soon, that doesn’t make protecting your own data – personal information that reveals so much about your life – any less important.

The ConversationAs long as you have signed over your rights to corporations, they can still sell out big to Beijing, Moscow or whoever else is peeping from afar, at this very moment, into your campus or workplace CCTV system.

Jack Linchuan Qiu, Professor, School of Journalism and Communication, Chinese University of Hong Kong

This article was originally published on The Conversation. Read the original article.

Turnbull and Shorten urge need to curb terrorists’ opportunities on the internet



File 20170612 10193 iopfr7
Both the government and the opposition will warn about terrorists exploiting cyberspace.
Mick Tsikas/AAP

Michelle Grattan, University of Canberra

Malcolm Turnbull and Bill Shorten will both home in on the importance of tackling cyber issues as part of the fight against terrorism, in parliamentary speeches on Tuesday.

In a security update on the threats facing Australia at home and abroad, Turnbull will say that an “online civil society is as achievable as an offline one”.

“The privacy and security of a terrorist can never be more important than public safety,” he says in notes released ahead of the address.

“The rights and protections of the vast overwhelming majority of Australians must outweigh the rights of those who will do them harm.

“That is truly what balancing the priority of community safety with individual liberties and our way of life is about.”

The government would not take an “if it ain’t broke we won’t fix it” mentality, Turnbull says – rather, Australia is at the forefront of efforts to address future threats.

Attorney-General George Brandis will visit Canada this month to meet his Five Eyes security counterparts – the others are from Britain, the US, New Zealand as well as Canada – and discuss what more can be done by likeminded nations and with the communications and technology industry “to ensure terrorists and organised criminals are not able to operate with impunity within ungoverned digital spaces online”.

Shorten, in his address (an extract of which has been released), will say: “We need to recognise this is a 21st-century conflict – being fought online as well as in the streets. Terrorists are using sophisticated online strategies as well as crude weapons of violence.”

He says this is where the private sector has a responsibility.

“For a long time Daesh has used the internet as an instrument of radicalisation. Through Twitter and Facebook they boast of a propaganda arm that can reach into every home in the world: spreading hate, recruiting followers and encouraging imitators.

“And with encryption technology like Whatsapp and Telegram they can securely communicate not just a message of violence – but instructions in how to carry it out.”

Shorten will acknowledge many internet providers and social media platforms such as Facebook work hard to detect and remove offensive content, namely child pornography and other forms of violent crime.

“But we need more – and these companies have the resources and the capacity to do more.

“As good corporate citizens and responsible members of democratic nations, I’m confident these tech companies will seek to do everything they can to assist the fight against terror.

“We must always be mindful of the rule of the law and the proper protections of our citizens – but we must be equally focused on adapting to new mediums and new technologies to detect and prevent new threats,” Shorten says.

The security focus in parliament comes after last week’s attack in Melbourne, events in Britain, and Friday’s decision by the Council of Australian Governments that there should be a presumption against parole and bail for people who have had any involvement with terrorism.

The ConversationThe government this week will introduce its tough new provisions governing visa and citizenship requirements. They include giving Immigration Minister Peter Dutton power to overrule Administrative Appeal Tribunal decisions on citizenship. Dutton said this would align citizenship provisions with the power he already has in relation to visas. There would still be the right to appeal to the Federal Court. Labor will announce its attitude when it sees the legislation.

https://www.podbean.com/media/player/icjdu-6b9a25?from=site&skin=1&share=1&fonts=Helvetica&auto=0&download=0

Michelle Grattan, Professorial Fellow, University of Canberra

This article was originally published on The Conversation. Read the original article.

Six things every consumer should know about the ‘Internet of Things’



File 20170606 16849 1uprbhi
What happens if your smart kettle is hacked?
Shutterstock

Kayleen Manwaring, UNSW

At least 40% of Australian households now have at least one home “Internet of Things” device. These are fridges, window blinds, locks and other devices that are connected to the internet.

While the Internet of Things (IoT) may lead to more efficiency in our daily lives, my research shows that consumers are exposed to many risks by the use of IoT devices, ranging from disclosure of private information, to physical injury and problems with the devices themselves.

Australia has no specific laws aimed at addressing IoT issues, and current laws intended to protect consumers have gaps and uncertainties when dealing with IoT devices.

1) Your devices can spy on you (and your kids)

Many IoT device manufacturers and suppliers show little regard for customers’ privacy. Some even make money from customer data.

Consumer electronics company Vizio recently agreed to pay US regulators US$2.2 million, after allegedly failing to get appropriate consent from users to track their TV viewing habits.

Late last year, the Norwegian Consumer Council found that a children’s doll recorded anything said to it by children and sent the recordings to a US company. The company reserved the right to share and use the data for a broad range of purposes.

2) Many IoT devices are vulnerable to hacking

The same doll was also found to have a security flaw that allowed strangers to talk and listen through the doll. Security vulnerabilities such as these can be exploited to cause damage in both the physical and virtual worlds.

IoT devices were recently involved in some of the largest “distributed-denial-of-service” attacks – flooding websites with traffic until they crash. The recent huge attacks on internet company Dyn and on the security researcher Brian Krebs were in large part fuelled by hacked IoT devices.

But hacked IoT devices can also be dangerous by themselves. In 2015 Fiat Chrysler recalled 1.4 million vehicles when security researchers proved they could break into smart cars’ systems remotely and control brakes, steering and transmission.

3) Your devices are never really yours, even after you pay for them

Most IoT devices come with some form of embedded software, and the devices won’t work properly – or sometimes at all – without it. This software is usually licensed, not sold, and the conditions imposed through licence agreements can hinder users’ repairing, modifying or reselling their devices.

This can be anti-competitive, as individual users are effectively “locked in” to one brand and one supplier.

For several years now, US farmers have been in a dispute with agricultural machinery manufacturers such as John Deere, over their rights to repair tractors that contain embedded software.

The farmers were granted a three-year exemption to certain copyright laws in 2015. However, John Deere is fighting back.

In October 2016, the company issued a new licence agreement which prohibits almost all software modification on its tractors. This action appears to be an attempt to ensure all repairs are done by John Deere contractors.

4) Your devices know your weaknesses

IoT devices have the potential to collect more intimate data about individuals than was possible with previous devices. This data can then be used to create profiles that give incredible insight into consumers, and can even predict their behaviour.

For a number of years now we’ve known that the embedded technology in smartphones can be used to detect users’ mood, stress levels, personality type etc.

But some IoT devices can collect even more intimate and personalised data. This was evident after a recent out-of-court settlement by a wireless vibrator manufacturer allegedly collecting data without consent.

The consumer profiles that can be built with all this data can then be used to sell us products at times when our willpower is lowest. Retailers are currently using technology to track consumers through stores and send customised messages to mobile phones. This may be linked to our purchase history and what is known about our mood.

5) It’s almost impossible to know what you’re getting yourself into, or how long it will last

Many IoT products are complex hybrids of software, hardware and services, often provided by more than one supplier. What your rights are when things go wrong, and who best to fix it for you, can be hard to figure out.

A recent investigation of the Nest thermostat system revealed that if consumers wanted to understand all of the rights and obligations of those in the supply chain, they needed to read a minimum of 13 different contractual documents.

Even if you know and trust your supplier, they may not be around forever. And when they go, services essential to their products working may disappear as well.

Revolv, a maker of home automation devices, was shut down after the company was acquired by Nest, which was itself acquired by Google. Nest refused to support Revolv’s products, and they stopped working less than two years after being released.

6) The law may not protect you

Many IoT devices put consumer privacy at risk, but the Privacy Act has significant limitations, as the definition of “personal information” is very narrow. The Act doesn’t even apply to many Australian companies, as they do not meet thresholds such as having A$3 million in annual turnover.

Consumers and regulators may attempt to pursue device suppliers under the consumer guarantees in the Australian Consumer Law. But there are grey areas here too. We don’t know what “acceptable quality” is when it comes to some of these devices, for instance. Is an internet-connected kettle that boils water perfectly well, but can be easily hacked, of acceptable quality?

Proceed with caution

Consumers are exposed to significant risks from IoT devices, from predatory use of data, to security flaws and devices no longer being supported. Meanwhile Australia has no specific laws aimed at addressing these IoT issues.

The most recent review of the Australian Consumer Law recommended investigating “emerging technologies” be made a priority. It is vital that a close examination of consumer protection relating to IoT devices be included front-and-centre in this project.

The ConversationIn the meantime, consumers should think long and hard about the risks they are taking on with IoT devices. Do you really need that internet-connected hairbrush?

Kayleen Manwaring, Lecturer, School of Taxation & Business Law, UNSW

This article was originally published on The Conversation. Read the original article.

The NBN: how a national infrastructure dream fell short


Tooran Alizadeh, University of Sydney

Eight years into the Australian government’s National Broadband Network (NBN) project, the nation has an average internet speed50th in the global rankings – that lags well behind many advanced economy countries.

Ongoing secrecy around the NBN, a project that’s likely to cost more than A$50 billion, makes it impossible for the public in most cases to know when and what quality service they will receive. Further, new research shows the NBN rollout was politically motivated and socioeconomically biased from the beginning.

It is perhaps time to remind ourselves of the ups and downs of the project that was once announced as a dream national infrastructure project for the 21st century. This requires a ten-year journey back in time, before we can figure out what needs to be done next.

The ups

In November 2007, after 11 years of Coalition government, Labor was elected on a policy platform that promised a national broadband network.

The NBN company was announced in April 2009 to provide terrestrial fibre network coverage for 93% of Australian premises by the end of 2020. Fixed wireless and satellite coverage would serve the remaining 7%.

Looking back, it’s hard to deny the influence the NBN has had on Australian politics. Perhaps the peak influence was when three independent MPs cited the NBN as one of the key reasons why they supported a Labor government over the Coalition when the 2010 federal election produced a hung parliament.

The final 60 early NBN rollout locations were then announced. The plan was for the first stage of the large-scale rollout to follow, connecting 3.5 million premises in 1,500 communities by mid-2015.

The downs

The early NBN rollout experienced significant delays. This attracted a great deal of “overwhelmingly negative” media coverage. Public opinion polls reflected growing dissatisfaction with the national project.

This dissatisfaction and the September 2013 federal election result changed the fate of the NBN. In 2013, the new Coalition government suspended the first stage of the large-scale fibre-to-premises NBN rollout to reassess the scale of the project.

In 2014, the government announced that the NBN rollout would change from a primarily fibre-to-premises model to a multi-technology-mix model. The technology to be used would be determined on an area-by-area basis.

This change of direction resulted in a prolonged state of uncertainty at the local government level. As it was rolled out, the NBN was widely criticised for being slow, expensive and obsolete.

Current state of play

Delays continue in the construction of the Coalition’s NBN. What can only be described as a downgrade of the original national project is now seriously over budget.

In September 2016, a joint standing committee of parliament was established to inquire into the NBN rollout. The inquiry is continuing.

The bleak status quo only gets worse when the on-the-ground reality of the NBN rollout is considered. While fibre-to-premises rollout is supposed to be limited in the Coalition’s NBN, disturbing examples of misconduct in the NBN installations are highly concerning.

The image below shows one example of many in which heritage-listed buildings (in this case also public housing) are disrespected to the point that suggests an absolute lack of communication between NBN contractors, local government, or heritage agencies.

One heritage-listed house with two NBN installations (Judge Street, Woolloomooloo, NSW).
Author

Who misses out?

In the Coalition’s NBN, the provision of universal high-speed capacity – as envisioned in the original NBN – has been transformed into a patchwork of final speeds and different quality of service. This leads to an important question about equity. It also puts the 60 early rollout locations in the spotlight as these could potentially be the only ones across the nation that enjoy fibre-to-premises NBN.

My new research points to the political motivations in the selection of these lucky 60 sites. Voting patterns in these locations were compared with all electorates in the federal elections from 2007 to 2013. The analysis shows the selections were skewed for potential political gain.

ALP-held seats were the main beneficiaries of the early NBN rollout; safe Coalition-held seats were the least likely to receive the infrastructure.

Tony Windsor, one of the three influential independent MPs in 2010, famously said of the NBN:

Do it once, do it right, and do it with fibre.

He secured priority access for his regional electorate to the early NBN.

Tony Windsor: ‘Do it once, do it right and do it with fibre.’

However, most regional localities were not that lucky. Indeed, research on the sociospatial distribution of the early NBN rollout shows the limited share of regional Australia.

What to do?

It is convenient to blame one political party for the state of chaos that the NBN is in right now. However, politicisation of the project has been part of the problem since day one.

Instead, we call for telecommunication infrastructure to be considered for what it really is: the backbone of the fast-growing digital economy; the foundation for innovation in the age of smart cities and big data; and a key pillar of social equity and spatial justice.

In reality, however, in the age of big data and open data, the lack of transparency around the NBN is shocking. In evidence to the parliamentary committee inquiry in March 2017, the Australian Competition and Consumer Commission expressed concern about the lack of transparency on NBN performance.

The ConversationPolicing the leaks of NBN data is not going to clean up the mess. Quite the opposite: the Australian government needs to share the NBN data, so the exact nature and scale of the problems can be determined. Only then can we talk about finding a way forward in this long journey.

Tooran Alizadeh, Senior Lecturer, Director of Urban Design, University of Sydney

This article was originally published on The Conversation. Read the original article.

Massive global ransomware attack highlights faults and the need to be better prepared



File 20170513 3668 xajz7t
Wana Decrypt0r 2.0 Ransomware Screen.
Avast

David Glance, University of Western Australia

A massive malware attack was launched on Friday, affecting at least 75,000 computers in 99 countries. Computers running Microsoft Windows were infected with “WanaCrypt0r 2.0 or WannaCry” ransomware. Once infected, all of the files on the computer are encrypted by the malware, which then displays a ransom demand of between US $300 and $600 in bitcoin that needs to be paid before the files can be decrypted. The Conversation

The WannaCry ransomware is being spread through a weakness in Microsoft Windows that was originally exploited by the US National Security Agency (NSA) as part of their arsenal of cyberweapons in a tool called “Eternal Blue”. Unfortunately, this tool, along with many others, was stolen by hackers and leaked to the world in April 2017 by a hacker group calling themselves the “Shadow Brokers”.

Microsoft had already released a fix for the Eternal Blue vulnerability in March, but the extent of the WannaCrypt attack has highlighted how many organisations have failed to apply the fix, or are running copies of Windows that are so old that there wasn’t a fix for them.

Russia, Ukraine and Taiwan have been the countries most affected by the attack. In the UK however, the attack hit the National Health Service badly enough that services to patients were disrupted.

At the time or writing, one of the bitcoin addresses used by the malware showed that only a few people had paid the ransomware so far but the number has been slowly ticking up.

The spread of the first wave of WannaCry ransomware may have been halted by a cybersecurity researcher who, by registering a domain with a particular name, effectively activated a “kill switch” in the malware software that stops it from spreading further.

Ransomware has become the biggest threat to organisations and governments trying to protect critical infrastructure. According to a study by IBM ransomware attacks increased by 6,000% in 2016 and at least 40% of spam emails now carry ransomware. The study also found that 70% of businesses infected with ransomware would pay the ransom. In many cases, this is because they either did not have backups, or they believed it was a faster way of getting their business back up and running.

The NHS has come in for particular criticism about the consequences of the attack because they knew about the risks and had been warned repeatedly to take steps to protect their networks and computers.

Finding out who was behind the malware is going to be very difficult. The malware communicates using the anonymising Tor network and demands payments in the equally anonymous currency, bitcoin, making tracing those behind the attack more complicated.

The NSA has also been held partly to blame for the attack because it had not alerted Microsoft about the weakness in its system until the NSA’s software that exploited it had been stolen and leaked to the public. Had the NSA told Microsoft when it discovered the weakness, the patch to fix the vulnerability would have been available in enough time for even the slowest of organisations to have patched their computers.

Ironically, large scale attacks such as these do have the effect of highlighting the threat of malware attacks and cybersecurity in general. This is true at the national level as well as amongst businesses. The frequency and scale of attacks also gives us a measure of how effectively companies and countries are prepared for cybersecurity attacks of any kind. Governments can act to enforce cybersecurity protective measures on companies, especially those that provide critical services or infrastructure. They can also act to direct their security services to disclose weaknesses in software systems, rather than keeping them secret in order to exploit them themselves against some future enemy.

Companies and their employees can help protect themselves from future attacks of ransomware by taking the following steps:

  1. Back up computers. This doesn’t stop a computer from being attack but effectively renders it ineffective because it is easy to re-install the system from a backup should it become locked by ransomware.
  2. Don’t click on links in emails unless you are expecting the email to contain a link. If you don’t know, double check with the sender. Equally, if you open a document and it asks to run macros, just say no. Avoid putting people into this situation in the first place by not sending links unless you have agreed prior to sending the email.
  3. Always update systems and software with the latest security updates. Better still, set the system to automatically do this on your behalf.
  4. Use antivirus software to protect systems.
  5. If infected, disconnect the computer from the network so that other computers are not infected.

David Glance, Director of UWA Centre for Software Practice, University of Western Australia

This article was originally published on The Conversation. Read the original article.